From f46696348e4cb2bd8318b464de0cf1ecbe9902df Mon Sep 17 00:00:00 2001
From: Ryan Bates
Date: Fri, 16 Apr 2010 15:56:07 -0700
Subject: [PATCH] allow access to classes when using hash conditions since you'll generally want to narrow it down with a database query
---
 CHANGELOG.rdoc | 2 +-
 README.rdoc | 5 +++--
 lib/cancan/ability.rb | 4 +++-
 spec/cancan/ability_spec.rb | 2 +-
 4 files changed, 8 insertions(+), 5 deletions(-)
diff --git a/CHANGELOG.rdoc b/CHANGELOG.rdoc
index 1a7d829..3e04fdc 100644
--- a/CHANGELOG.rdoc
+++ b/CHANGELOG.rdoc
@@ -1,6 +1,6 @@
 1.1.0 (not released)
-* Removing "unauthorized!" method in favor of "authorize!"
+* Removing "unauthorized!" method in favor of "authorize!" in controllers
 * Adding action, subject and default_message abilities to AccessDenied exception - see issue #40
diff --git a/README.rdoc b/README.rdoc
index f20aca8..28c3247 100644
--- a/README.rdoc
+++ b/README.rdoc
@@ -2,9 +2,10 @@
 RDocs[http://rdoc.info/projects/ryanb/cancan] | Wiki[http://wiki.github.com/ryanb/cancan] | Screencast[http://railscasts.com/episodes/192-authorization-with-cancan] | Metrics[http://getcaliper.com/caliper/project?repo=git%3A%2F%2Fgithub.com%2Fryanb%2Fcancan.git]
-This is a simple authorization solution for Ruby on Rails to restrict what a given user is allowed to access in the application. This is completely decoupled from any role based implementation allowing you to define user roles the way you want. All permissions are stored in a single location and not duplicated across the controller, view, and database.
+This is a simple authorization solution for Ruby on Rails to restrict what a given user is allowed to access. This is completely decoupled from any role based implementation allowing you to define user roles the way you want. All permissions are stored in a single location and not duplicated across the controller, view, and database.
+
+This assumes you already have authentication (such as Authlogic[http://github.com/binarylogic/authlogic] or Devise[http://github.com/plataformatec/devise]). Either of these will define a +current_user+ model in the controller which CanCan requires.
-This assumes you already have authentication (such as Authlogic[http://github.com/binarylogic/authlogic] or Devise[http://github.com/plataformatec/devise]) which provides a +current_user+ model.
 == Installation
diff --git a/lib/cancan/ability.rb b/lib/cancan/ability.rb
index fbbcdc2..9bd268b 100644
--- a/lib/cancan/ability.rb
+++ b/lib/cancan/ability.rb
@@ -241,7 +241,9 @@ module CanCan
 block_args += extra_args
 defined_block.call(*block_args)
 elsif defined_conditions
- if subject.class != Class
+ if subject.class == Class
+ true
+ else
 defined_conditions.all? do |name, value|
 subject.send(name) == value
 end
diff --git a/spec/cancan/ability_spec.rb b/spec/cancan/ability_spec.rb
index 103b4e3..c2df887 100644
--- a/spec/cancan/ability_spec.rb
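Review bot: The new `true` branch under `elsif defined_conditions` in lib/cancan/ability.rb allows every class-level check whenever a rule with hash conditions exists, and nothing in the code says the conditions are left unenforced at that point. A caller asking `can? :read, Array` (or the equivalent on a model class) now gets an allow and has to restrict the records itself, which the commit message implies but the method does not document. I would add a comment above the branch such as `# A Class subject has no attributes to compare; the caller must apply the conditions when loading records`, and say the same wherever the README describes hash conditions. The enclosing method starts and ends outside the hunk, so how this result combines with other rules is not visible here.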
+++ b/spec/cancan/ability_spec.rb
@@ -145,7 +145,7 @@ describe CanCan::Ability do
 @ability.can :read, Array, :first => 1, :last => 3
 @ability.can?(:read, [1, 2, 3]).should be_true
 @ability.can?(:read, [1, 2, 3, 4]).should be_false
- @ability.can?(:read, Array).should be_false
+ @ability.can?(:read, Array).should be_true
 end
 it "should return conditions for a given ability" do
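Review bot: The flipped assertion `@ability.can?(:read, Array).should be_true` is the only coverage for the new class-level allow, and it sits in an example whose description starts outside the hunk and may no longer match what is asserted. A dedicated example would pin where the permissive result stops, for instance that a class with no matching rule is still refused: `@ability.can?(:read, Hash).should be_false`. That keeps a later change to the class branch from silently widening access beyond subjects that actually have a rule.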